Re: [RFC PATCH v1 09/28] x86/efi: Access EFI data as encrypted when SEV is active

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: [RFC PATCH v1 09/28] x86/efi: Access EFI data as encrypted when SEV is active
From: Paolo Bonzini <pbonzini@xxxxxxxxxx>
Date: Thu, 22 Sep 2016 20:23:36 +0200
Cc: linux-efi@xxxxxxxxxxxxxxx, kvm@xxxxxxxxxxxxxxx, rkrcmar@xxxxxxxxxx, matt@xxxxxxxxxxxxxxxxxxx, linus.walleij@xxxxxxxxxx, paul.gortmaker@xxxxxxxxxxxxx, hpa@xxxxxxxxx, tglx@xxxxxxxxxxxxx, aarcange@xxxxxxxxxx, sfr@xxxxxxxxxxxxxxxx, mchehab@xxxxxxxxxx, simon.guinot@xxxxxxxxxxxx, bhe@xxxxxxxxxx, xemul@xxxxxxxxxxxxx, joro@xxxxxxxxxx, x86@xxxxxxxxxx, mingo@xxxxxxxxxx, msalter@xxxxxxxxxx, ross.zwisler@xxxxxxxxxxxxxxx, labbott@xxxxxxxxxxxxxxxxx, dyoung@xxxxxxxxxx, jroedel@xxxxxxx, keescook@xxxxxxxxxxxx, toshi.kani@xxxxxxx, mathieu.desnoyers@xxxxxxxxxxxx, dan.j.williams@xxxxxxxxx, andriy.shevchenko@xxxxxxxxxxxxxxx, akpm@xxxxxxxxxxxxxxxxxxxx, herbert@xxxxxxxxxxxxxxxxxxx, tony.luck@xxxxxxxxx, linux-mm@xxxxxxxxx, kuleshovmail@xxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, mcgrof@xxxxxxxxxx, linux-crypto@xxxxxxxxxxxxxxx, devel@xxxxxxxxxxxxxxxxxxxxxx, iamjoonsoo.kim@xxxxxxx, alexandre.bounine@xxxxxxx, davem@xxxxxxxxxxxxx
In-reply-to: <443d06f5-2db5-5107-296f-94fabd209407@amd.com>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.3.0


On 22/09/2016 19:46, Tom Lendacky wrote:
>> > Do you mean, it is encrypted here because we're in the guest kernel?
> Yes, the idea is that the SEV guest will be running encrypted from the
> start, including the BIOS/UEFI, and so all of the EFI related data will
> be encrypted.

Unless this is part of some spec, it's easier if things are the same in
SME and SEV.

Paolo
_______________________________________________
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxx
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel

Follow-Ups:
- Re: [RFC PATCH v1 09/28] x86/efi: Access EFI data as encrypted when SEV is active
  - From: Borislav Petkov

References:
- [RFC PATCH v1 00/28] x86: Secure Encrypted Virtualization (AMD)
  - From: Brijesh Singh
- [RFC PATCH v1 09/28] x86/efi: Access EFI data as encrypted when SEV is active
  - From: Brijesh Singh
- Re: [RFC PATCH v1 09/28] x86/efi: Access EFI data as encrypted when SEV is active
  - From: Borislav Petkov
- Re: [RFC PATCH v1 09/28] x86/efi: Access EFI data as encrypted when SEV is active
  - From: Tom Lendacky

Prev by Date: Re: [PATCH] staging:android:io: Fix multiple styling issues
Next by Date: Re: [RFC PATCH v1 09/28] x86/efi: Access EFI data as encrypted when SEV is active
Previous by thread: Re: [RFC PATCH v1 09/28] x86/efi: Access EFI data as encrypted when SEV is active
Next by thread: Re: [RFC PATCH v1 09/28] x86/efi: Access EFI data as encrypted when SEV is active
Index(es):
- Date
- Thread

[Index of Archives] [Linux Driver Backports] [DMA Engine] [Linux GPIO] [Linux SPI] [Video for Linux] [Linux USB Devel] [Linux Coverity] [Linux Audio Users] [Linux Kernel] [Linux SCSI] [Yosemite Backpacking]